I got it! I think I understood why so many security discussions around the topic of “intelligence” (be it the clearer “threat intelligence” or dramatically confusing “security intelligence”) go so awry so quickly.
Compare these two quotes:
- “Data is not information, information is not knowledge, knowledge is not intelligence, intelligence is not wisdom.” (uses this definition)
- “The National Security Agency (NSA) is the main producer and manager of signals intelligence (SIGINT) for the United States.” (uses this definition)
Hilarity ensues when two infosec professionals engage in a heated discussion about intelligence, one using #1 concept and the other using the #2. Just think about it and imagine (or, more likely, recall) the conversation that went like this:
A: “We want intelligence-based security!” (thinking that of better quality information and decisions)
B: “What are you talking about? We won’t create our own TAO team here; we just want to be secure” (thinking of the NSA)
A: “Don’t you want to be more intelligent in what you do?”
B: “Well, yes. But we don’t need an intelligence agency to protect our secrets…”
and so on…
So, the lesson here is CLARITY!!!
Posts related to this research project:
Read Complimentary Relevant Research
Security Monitoring and Operations Primer for 2017
Security monitoring and operations excellence is a key component of any effective security program. Gartner's 2017 research will guide...
View Relevant Webinars
Top Take-Aways: 2015-2016 Security and Risk Surveys
Analysis from results of surveys conducted in 2015-2016 for CISOs, security, compliance, risk, business continuity and privacy professionals....
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.